# -*- coding: utf-8 -*-
"""Location: ./tests/integration/test_cross_hook_context_sharing.py
Copyright 2025
SPDX-License-Identifier: Apache-2.0

Integration tests for cross-hook context sharing functionality.

These tests verify that plugin contexts are properly shared across different
hook types (HTTP → Tool, HTTP → Resource, HTTP → Prompt, RBAC hooks, etc.).
"""

# Standard
import os
from pathlib import Path

# Third-Party
import pytest
from fastapi.testclient import TestClient
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker

# First-Party
from mcpgateway.db import Base
from mcpgateway.main import app
from mcpgateway.middleware.http_auth_middleware import HttpAuthMiddleware
from mcpgateway.plugins.framework import PluginManager


class TestCrossHookContextSharing:
    """Integration tests for cross-hook context sharing.

    These tests verify that:
    1. Context stored in HTTP_PRE_REQUEST is accessible in HTTP_AUTH_CHECK_PERMISSION
    2. Context stored in HTTP hooks is accessible in MCP hooks (Tool, Resource, Prompt)
    3. GlobalContext is properly shared across all hooks
    4. Plugin state is isolated per plugin
    """

    @pytest.fixture
    def test_db(self):
        """Create a test database."""
        engine = create_engine("sqlite:///:memory:")
        Base.metadata.create_all(engine)
        SessionLocal = sessionmaker(bind=engine)
        db = SessionLocal()
        yield db
        db.close()

    @pytest.fixture
    async def plugin_manager(self):
        """Create plugin manager with cross-hook context test plugin."""
        # Get the path to the test plugin config
        config_file = Path(__file__).parent.parent / "unit" / "mcpgateway" / "plugins" / "fixtures" / "configs" / "cross_hook_context.yaml"

        # Enable plugins for this test
        with pytest.MonkeyPatch.context() as mp:
            mp.setenv("PLUGINS_ENABLED", "true")
            mp.setenv("PLUGIN_CONFIG_FILE", str(config_file))

            # Create plugin manager
            manager = PluginManager(str(config_file))
            await manager.initialize()

            yield manager

            # Cleanup
            await manager.shutdown()

    @pytest.fixture
    def test_client_with_plugins(self, plugin_manager):
        """Create test client with plugin middleware enabled."""
        # Add the HttpAuthMiddleware with plugin manager
        app.add_middleware(HttpAuthMiddleware, plugin_manager=plugin_manager)

        with TestClient(app) as client:
            yield client

    @pytest.mark.asyncio
    async def test_http_to_rbac_context_sharing(self, test_client_with_plugins, plugin_manager):
        """Test context sharing from HTTP_PRE_REQUEST to HTTP_AUTH_CHECK_PERMISSION.

        This test verifies that:
        1. HTTP_PRE_REQUEST hook stores context data
        2. HTTP_AUTH_CHECK_PERMISSION hook can read that data
        3. The plugin doesn't raise any ValueError about missing context
        """
        # Make a request that triggers both HTTP_PRE_REQUEST and HTTP_AUTH_CHECK_PERMISSION
        response = test_client_with_plugins.get(
            "/tools",
            headers={"Authorization": "Bearer test-token"}
        )

        # If cross-hook context sharing works, the plugin won't raise ValueError
        # and the request will succeed (or fail for other reasons like auth)
        # The important thing is that we don't get a 500 error from the plugin

        # Note: This might return 401 if auth fails, but that's OK -
        # we're testing that the plugin's cross-hook context access works
        assert response.status_code in [200, 401], \
            "Plugin should not raise ValueError about missing context"

    @pytest.mark.asyncio
    async def test_http_to_tool_context_sharing(
        self, test_db, test_client_with_plugins, plugin_manager
    ):
        """Test context sharing from HTTP hooks to TOOL_PRE_INVOKE hook.

        This test verifies that:
        1. HTTP_PRE_REQUEST stores context
        2. TOOL_PRE_INVOKE can read HTTP context data
        3. TOOL_PRE_INVOKE can also read HTTP_AUTH_CHECK_PERMISSION data
        """
        # First, set up a test tool
        from mcpgateway.schemas import ToolCreate
        from mcpgateway.services.tool_service import ToolService

        tool_service = ToolService()

        # Register a test tool
        tool_data = ToolCreate(
            name="test_cross_hook_tool",
            description="Test tool for cross-hook context",
            input_schema={"type": "object", "properties": {}},
        )

        await tool_service.register_tool(test_db, tool_data)

        # Make a request to invoke the tool
        response = test_client_with_plugins.post(
            "/rpc/",
            json={
                "jsonrpc": "2.0",
                "id": "test-1",
                "method": "tools/call",
                "params": {
                    "name": "test_cross_hook_tool",
                    "arguments": {}
                }
            },
            headers={"Authorization": "Bearer test-token"}
        )

        # The plugin should successfully access context from HTTP hooks
        # If it fails to find the context, it will raise ValueError and return 500
        assert response.status_code != 500, \
            "Cross-hook context sharing should work for HTTP → Tool"

    @pytest.mark.asyncio
    async def test_http_to_resource_context_sharing(
        self, test_db, test_client_with_plugins, plugin_manager
    ):
        """Test context sharing from HTTP hooks to RESOURCE_PRE_FETCH hook.

        This test verifies that context stored in HTTP_PRE_REQUEST is
        accessible in the RESOURCE_PRE_FETCH hook.
        """
        # First, set up a test resource
        from mcpgateway.schemas import ResourceCreate
        from mcpgateway.services.resource_service import ResourceService

        resource_service = ResourceService()

        # Register a test resource
        resource_data = ResourceCreate(
            uri="test://cross-hook-resource",
            name="Cross-hook test resource",
            content="Test content",
            mime_type="text/plain",
        )

        created = await resource_service.register_resource(test_db, resource_data)

        # Make a request to read the resource
        response = test_client_with_plugins.get(
            f"/resources/{created.id}",
            headers={"Authorization": "Bearer test-token"}
        )

        # The plugin should successfully access context from HTTP hooks
        assert response.status_code != 500, \
            "Cross-hook context sharing should work for HTTP → Resource"

    @pytest.mark.asyncio
    async def test_http_to_prompt_context_sharing(
        self, test_db, test_client_with_plugins, plugin_manager
    ):
        """Test context sharing from HTTP hooks to PROMPT_PRE_FETCH hook.

        This test verifies that context stored in HTTP_PRE_REQUEST is
        accessible in the PROMPT_PRE_FETCH hook.
        """
        # First, set up a test prompt
        from mcpgateway.schemas import PromptCreate
        from mcpgateway.services.prompt_service import PromptService

        prompt_service = PromptService()

        # Register a test prompt
        prompt_data = PromptCreate(
            name="test_cross_hook_prompt",
            template="Hello {name}!",
            description="Test prompt for cross-hook context",
        )

        created = await prompt_service.register_prompt(
            test_db,
            prompt_data,
            user_email="test@example.com"
        )

        # Make a request to get the prompt
        response = test_client_with_plugins.get(
            f"/prompts/{created.name}",
            headers={"Authorization": "Bearer test-token"}
        )

        # The plugin should successfully access context from HTTP hooks
        assert response.status_code != 500, \
            "Cross-hook context sharing should work for HTTP → Prompt"

    @pytest.mark.asyncio
    async def test_global_context_consistency(self, test_client_with_plugins, plugin_manager):
        """Test that GlobalContext is consistent across all hooks.

        This test verifies that the same GlobalContext instance (or at least
        the same request_id) is used across all hooks in a single request.
        """
        # Make a request that triggers multiple hooks
        response = test_client_with_plugins.get(
            "/tools",
            headers={"Authorization": "Bearer test-token"}
        )

        # The plugin stores request_id in global context during HTTP_PRE_REQUEST
        # and verifies it's present in subsequent hooks
        # If the global context wasn't shared, the plugin would raise ValueError

        assert response.status_code in [200, 401], \
            "GlobalContext should be consistent across all hooks"

    @pytest.mark.asyncio
    async def test_plugin_context_isolation(self, plugin_manager):
        """Test that plugin contexts are properly isolated.

        This test verifies that each plugin gets its own isolated context
        and cannot access other plugins' context data.
        """
        from mcpgateway.plugins.framework import (
            GlobalContext,
            HttpPreRequestPayload,
            HttpHeaderPayload,
            HttpHookType,
        )

        # Create a global context
        global_context = GlobalContext(request_id="test-isolation-123")

        # Invoke HTTP_PRE_REQUEST hook (which stores data in context)
        payload = HttpPreRequestPayload(
            path="/test",
            method="GET",
            headers=HttpHeaderPayload(root={}),
        )

        result, context_table = await plugin_manager.invoke_hook(
            HttpHookType.HTTP_PRE_REQUEST,
            payload=payload,
            global_context=global_context,
        )

        # Verify context table was created
        assert context_table is not None
        assert len(context_table) > 0

        # Verify each plugin has its own isolated context
        # The key format is: request_id + plugin_uuid
        for key, context in context_table.items():
            assert key.startswith("test-isolation-123")
            assert "http_timestamp" in context.state
            # Each plugin should only see its own state
            assert context.state["http_timestamp"] == "2025-01-01T00:00:00Z"
